CODEWITHSUNDEEP
iphonedjangoauthenticationpostdjango-csrf
gohnjanotis
gohnjanotis

Reputation: 7565

How would I authenticate and make requests from an iPhone app to a Django backend to get around CSRF?

I'm working with an iPhone developer who does not have any Django experience, and I am relatively new to Django. I've built an existing Django app with a web interface that allows a user to log in and add books from our database to his personal library.

We are trying to build an iPhone application that allows a user to authenticate and the access the library, and I was wondering what is the best way to do the authentication and then request the user's library. We started out using an HTTP POST requests to send credentials to the Django app, but another Django developer I know told me this would be a cross-domain request which would not work starting with Django 1.2.

If I can't do cross-domain HTTP POST requests, how should I POST data from the iPhone app to the Django application?

Upvotes: 3

Views: 1107

Answers (3)

Haibane
Haibane

Reputation: 67

You can solve CSRF Issue. in django 1.4 Just using decoration at front of function.

Solution:
  @csrf_exempt
  def PostData(requst):
    pass

Upvotes: 1

Swizec Teller
Swizec Teller

Reputation: 2322

Just use the csrf_exempt decorator.http://docs.djangoproject.com/en/dev/ref/contrib/csrf/#exceptions

And yes, use the POST request type, it's the only logical choice when you're sending data to the server. As per RESTful API guidelines: http://en.wikipedia.org/wiki/Representational_State_Transfer#RESTful_web_services

Upvotes: 5

Aaron Saunders
Aaron Saunders

Reputation: 33335

http request from the iphone application is not cross-domain

Upvotes: -1

Related Questions